This is not a criticism of your security schedule but it should be given the HIGHEST priority!
We got a five-year, enterprise, wildcard, 4096 bit, SHA2 certificate, which we can install on as many servers as we want, so long a the domain matches "chicagonettech.com" for about $270.00 last December. from Comodo. Took less than 12 hours to apply, download, and install, along with the 3 supporting certificates
We're seeing tons of "man-in-the-middle" attacks to capture usernames and passwords on non-secured connections.
We're now totally locked down, no more plain text anything, and only had a problem with one customer who balked. He left over the new security, and we picked up 12 more new clients because of our enforcement.
It only takes one compromised account to gain access to the data for millions of user accounts;
Phonr: (773) 491-9019
Phone: (224) 444-0169
E-Mail and DNS Security Specialist
Network Security Specialist
Customer Service Portal: https://portal.chicagonettech.com
Security Blog: http://networkbastion.blogspot.com/
Web and E-Mail Hosting, E-Mail Security and Consulting